package com.betty.cscams.controller;

import java.awt.image.BufferedImage;
import java.io.IOException;

import javax.servlet.http.HttpServletRequest;

import com.betty.cscams.common.http.HttpResult;
import com.betty.cscams.entity.SysUser;
import com.betty.cscams.security.JwtAuthenticatioToken;
import com.betty.cscams.service.SysUserService;
import com.betty.cscams.service.impl.SysCaptchaServiceImp;
import com.betty.cscams.util.PasswordUtils;
import com.betty.cscams.util.SecurityUtils;
import com.betty.cscams.vo.LoginBean;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;

/**
 * 登录控制器
 */
@RestController
public class SysLoginController {


	@Autowired
	private SysUserService sysUserService;
	@Autowired
	private AuthenticationManager authenticationManager;
	@Autowired
	private SysCaptchaServiceImp sysCaptchaService;

	/**
	 * 登录接口
	 */
	@PostMapping(value = "/login")
	public HttpResult login(@RequestBody LoginBean loginBean, HttpServletRequest request) throws IOException {
		String username = loginBean.getAccount();
		String password = loginBean.getPassword();
		String type = loginBean.getType();
		if(StringUtils.isEmpty(type)){
			return HttpResult.error("请选择用户类型");
		}
		// 用户信息
		SysUser user = sysUserService.findByName(username);
		// 账号不存在、密码错误
		if (user == null) {
			return HttpResult.error("账号不存在");
		}
		if(!type.equals(user.getType())){
			return HttpResult.error("用户类型不匹配");
		}
		if (!PasswordUtils.matches(user.getSalt(), password, user.getPassword())) {
			return HttpResult.error("密码不正确");
		}
		// 账号锁定
		if (user.getStatus() == 0) {
			return HttpResult.error("账号已被锁定,请联系管理员");
		}
		// 系统登录认证
		JwtAuthenticatioToken token = SecurityUtils.login(request, username, password, authenticationManager);
		return HttpResult.ok(token);
	}
	/**
	 * 获取邮件验证码接口
	 */
	@PostMapping(value = "/sendCaptcha")
	public HttpResult sendCaptcha(@RequestBody LoginBean loginBean, HttpServletRequest request) throws Exception {

		String username = loginBean.getAccount();
		String email = loginBean.getEmail();
		// 从session中获取之前保存的验证码跟前台传来的验证码进行匹配
		// 用户信息
		SysUser user = sysUserService.findByName(username);
		// 账号不存在、密码错误
		if (user == null) {
			return HttpResult.error("账号不存在");
		}
		if (!email.equals(user.getEmail())) {
			return HttpResult.error("用户邮箱不匹配");
		}
		// 账号锁定
		if (user.getStatus() == 0) {
			return HttpResult.error("账号已被锁定,请联系管理员");
		}
		sysCaptchaService.sendMail(username,email);
		return HttpResult.ok();
	}

	/**
	 * 重置密码接口
	 */
	@PostMapping(value = "/resetPwd")
	@Transactional
	public HttpResult resetPwd(@RequestBody LoginBean loginBean, HttpServletRequest request) throws Exception {

		String username = loginBean.getAccount();
		String email = loginBean.getEmail();
		String captcha = loginBean.getCaptcha();
		// 从session中获取之前保存的验证码跟前台传来的验证码进行匹配
		// 用户信息
		SysUser user = sysUserService.findByName(username);
		// 账号不存在、密码错误
		if (user == null) {
			return HttpResult.error("账号不存在");
		}
		if (!email.equals(user.getEmail())) {
			return HttpResult.error("用户邮箱不匹配");
		}
		// 账号锁定
		if (user.getStatus() == 0) {
			return HttpResult.error("账号已被锁定,请联系管理员");
		}
		if (!sysCaptchaService.vaildCaptcha(username,email,captcha)) {
			return HttpResult.error("验证码失效");
		}
		String password = PasswordUtils.randomPwd(7);
		String salt  = PasswordUtils.getSalt();
		user.setSalt(salt);
		user.setPassword(PasswordUtils.encode(password,salt));
		sysUserService.save(user);
		sysCaptchaService.sendResetPwdMail(username,email,password);
		return HttpResult.ok();
	}

}
